package com.hoperun.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.hoperun.framework.ex.XHZException;
import com.hoperun.framework.message.NLS;
import com.hoperun.utils.ErrorCode;
import com.hoperun.utils.MD5Util;

public class ApiInterceptor extends HandlerInterceptorAdapter {
	private final static Logger LOGGER = LoggerFactory
			.getLogger(ApiInterceptor.class);

	/*
	 * 利用正则映射到需要拦截的路径
	 * 
	 * private String mappingURL;
	 * 
	 * public void setMappingURL(String mappingURL) { this.mappingURL =
	 * mappingURL; }
	 */
	/**
	 * 在业务处理器处理请求之前被调用 如果返回false 从当前的拦截器往回执行所有拦截器的afterCompletion(),再退出拦截器链
	 * 如果返回true 执行下一个拦截器,直到所有的拦截器都执行完毕 再执行被拦截的Controller 然后进入拦截器链,
	 * 从最后一个拦截器往回执行所有的postHandle() 接着再从最后一个拦截器往回执行所有的afterCompletion()
	 */
	@Override
	public boolean preHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {

		LOGGER.debug(" request url is {} ", request.getRequestURI());

		String clientAccesskey = NLS.getMessage("client.accesskey");
		/* token */
		String token = request.getParameter("token");
		/* 唯一标识 */
		String appid = request.getParameter("appid");
		/* 生成签名的时间戳 */
		String timestamp = request.getParameter("timestamp");
		/* 生成签名的随机串 */
		String nonceStr = request.getParameter("noncestr");
		/* 用户编号 */
		String ownerId = request.getParameter("ownerId");

		LOGGER.debug(
				" Parameter clientAccesskey is {} ,token  is {}  , appid  is {}  , timestamp  is {}  , nonceStr  is {}  , ownerId   is {}  ",
				clientAccesskey, token, appid, timestamp, nonceStr, ownerId);
		if (StringUtils.isBlank(token) || StringUtils.isBlank(appid)
				|| StringUtils.isBlank(timestamp)
				|| StringUtils.isBlank(nonceStr)
				|| StringUtils.isBlank(ownerId)) {
			throw new XHZException(ErrorCode.REQUEST_API_ACCESS_PRAMS_ERROR);
		}

		String signature = clientAccesskey + "|" + appid + "|" + timestamp
				+ "|" + nonceStr + "|" + ownerId;

		signature = MD5Util.getMD5String(signature);
		if (!token.equals(signature)) {
			throw new XHZException(ErrorCode.REQUEST_API_ACCESS_ERROR);
		}

		// if ("GET".equalsIgnoreCase(request.getMethod())) {
		// return false;
		// }

		return true;
	}

	/**
	 * 在业务处理器处理请求执行完成后,生成视图之前执行的动作 可在modelAndView中加入数据，比如当前时间
	 */
	@Override
	public void postHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception {
		if (modelAndView != null) { // 加入当前时间
			modelAndView.addObject("var", "测试postHandle");
		}
	}

	/**
	 * 在DispatcherServlet完全处理完请求后被调用,可用于清理资源等
	 * 
	 * 当有拦截器抛出异常时,会从当前拦截器往回执行所有的拦截器的afterCompletion()
	 */
	@Override
	public void afterCompletion(HttpServletRequest request,
			HttpServletResponse response, Object handler, Exception ex)
			throws Exception {
	}

}
